9930ead76e66b9b63db13ab44970c3cf8d2e74a9f41a8e5f5f5719678753569c

Sharing

Copy URL

Twitter E-mail

General

Target

9930ead76e66b9b63db13ab44970c3cf8d2e74a9f41a8e5f5f5719678753569c
Size

112KB
MD5

c4c14599c6c415da35f5f5d635bb3ca9
SHA1

12715bd5688b08f0ec60f3295b090bbcb51943c4
SHA256

9930ead76e66b9b63db13ab44970c3cf8d2e74a9f41a8e5f5f5719678753569c
SHA512

c2e13fe5347a489a434e6a690633c89a52e6273b8640984baf5071d13669501fe0a1090b218cf4594a0afbfeeb06bb1f905b3465d6c65dbdd14c951f8804d933
SSDEEP

1536:9ZNEIpp3DPQEjitsOa7UQSalnUXXnx2PT:9ZNN3DtJB7xllOnx2PT

Score

N/A

Malware Config

Signatures

Files

9930ead76e66b9b63db13ab44970c3cf8d2e74a9f41a8e5f5f5719678753569c
.exe windows x86

ebf6735d75029869b73ab1e6e3eb1d21

Code Sign

51:23:09:d5:d0:a2:b9:8c:42:fb:c1:82:e7:8e:4e:92
Certificate

Issuer

CN=w466666345uy inc

Not Before

28/01/2012, 07:40

Not After

31/12/2039, 23:59

Subject

CN=w466666345uy inc

Extended Key Usages

ExtKeyUsageCodeSigning

2c:a6:98:63:81:df:4d:e7:e7:90:26:73:2e:9c:b4:0e:2d:26:4b:fe
Signer

Actual PE Digest

2c:a6:98:63:81:df:4d:e7:e7:90:26:73:2e:9c:b4:0e:2d:26:4b:fe

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=w466666345uy inc

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
LoadLibraryA
GetProcessHeap
GetProcAddress
GetSystemInfo
AddConsoleAliasA
BackupRead
BuildCommDCBAndTimeoutsW
CreateDirectoryA
CreateEventW
CreateJobObjectA
CreateRemoteThread
CreateWaitableTimerW
DebugBreak
DeleteTimerQueue
DeleteTimerQueueTimer
DosDateTimeToFileTime
EnumResourceLanguagesA
EnumResourceNamesA
EnumSystemCodePagesW
EnumTimeFormatsA
EnumTimeFormatsW
ExitProcess
ExitThread
FatalAppExitA
FileTimeToSystemTime
FindFirstFileW
FindFirstVolumeMountPointA
FindNextFileA
FindNextVolumeMountPointW
FindNextVolumeW
FlushViewOfFile
FoldStringW
GetCalendarInfoA
GetComputerNameW
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesExW
GetNumberOfConsoleInputEvents
GetPrivateProfileIntW
GetPrivateProfileSectionNamesA
GetProfileIntA
GetQueuedCompletionStatus
GetShortPathNameW
GetThreadSelectorEntry
lstrcatW
GetVolumeInformationW
GlobalFix
GlobalUnlock
HeapFree
InterlockedCompareExchange
IsBadStringPtrW
IsValidLanguageGroup
LCMapStringA
LocalFlags
LocalSize
MoveFileA
MoveFileW
OpenJobObjectA
Process32Next
ProcessIdToSessionId
QueryInformationJobObject
ReadConsoleInputW
ReadConsoleOutputAttribute
ReadFile
ReplaceFile
SetCalendarInfoA
SetCommBreak
SetCommState
SetConsoleCursor
SetEvent
SetMailslotInfo
SetProcessAffinityMask
SetVolumeLabelA
SetVolumeLabelW
SuspendThread
TerminateJobObject
TerminateThread
TransactNamedPipe
TryEnterCriticalSection
UnlockFileEx
VerSetConditionMask
VirtualFreeEx
WaitForMultipleObjectsEx
WaitForSingleObject
WaitNamedPipeA
WriteConsoleW
WriteProcessMemory
_hwrite
_llseek
_lwrite
lstrcat
lstrcatA
lstrcmpi
GetVersion
CreateFileW

msvcrt

memset

user32

CallWindowProcA
DdeInitializeW
DlgDirSelectComboBoxExW
DrawTextW
EndDialog
EnumDisplaySettingsA
EnumWindowStationsA
MapVirtualKeyExA
SetWindowPlacement
SwapMouseButton

advapi32

RegOpenKeyExW

ole32

CLIPFORMAT_UserFree
CLIPFORMAT_UserMarshal
CoCreateInstance
CoCreateObjectInContext
CoFreeUnusedLibraries
CoGetPSClsid
CoGetStdMarshalEx
CoGetTreatAsClass
CoMarshalHresult
CoQueryClientBlanket
CoQueryReleaseObject
CoWaitForMultipleHandles
CreateDataAdviseHolder
CreateFileMoniker
DcomChannelSetHResult
DllGetClassObjectWOW
GetClassFile
GetHGlobalFromStream
GetRunningObjectTable
HACCEL_UserUnmarshal
HBRUSH_UserSize
HBRUSH_UserUnmarshal
HGLOBAL_UserMarshal
HGLOBAL_UserSize
HMENU_UserUnmarshal
HMETAFILE_UserFree
HMETAFILE_UserUnmarshal
HPALETTE_UserFree
HWND_UserFree
HWND_UserSize
IIDFromString
IsAccelerator
MonikerCommonPrefixWith
OleConvertIStorageToOLESTREAMEx
OleConvertOLESTREAMToIStorage
OleCreateDefaultHandler
OleCreateEx
OleCreateLinkToFileEx
OleDraw
OleFlushClipboard
OleGetAutoConvert
OleGetIconOfClass
OleInitializeWOW
OleLoad
OleLoadFromStream
OleLockRunning
OleRegEnumFormatEtc
OleRegGetMiscStatus
OleSetClipboard
OleTranslateAccelerator
ProgIDFromCLSID
PropVariantCopy
ReadClassStg
STGMEDIUM_UserFree
STGMEDIUM_UserUnmarshal
StgOpenPropStg
StgOpenStorage
StgPropertyLengthAsVariant
StringFromIID
UtConvertDvtd32toDvtd16
WriteClassStm
WriteFmtUserTypeStg

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebf6735d75029869b73ab1e6e3eb1d21

Code Sign

51:23:09:d5:d0:a2:b9:8c:42:fb:c1:82:e7:8e:4e:92Certificate

Extended Key Usages

2c:a6:98:63:81:df:4d:e7:e7:90:26:73:2e:9c:b4:0e:2d:26:4b:feSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

ole32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 452B

.text2 Size: 1024B - Virtual size: 712B

.text2 Size: 78KB - Virtual size: 77KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 1KB - Virtual size: 1KB

51:23:09:d5:d0:a2:b9:8c:42:fb:c1:82:e7:8e:4e:92
Certificate

2c:a6:98:63:81:df:4d:e7:e7:90:26:73:2e:9c:b4:0e:2d:26:4b:fe
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 452B

.text2
Size: 1024B - Virtual size: 712B

.text2
Size: 78KB - Virtual size: 77KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 1KB - Virtual size: 1KB